Field of the Invention
The present invention relates to account based systems, and in particular to establishing relationships between user accounts in an account based system.
Description of the Related Technology
Many systems exist in which users of the system are required to hold accounts. Examples of such account based systems include financial institutions, such as banks, where users are commonly required to hold an account with which their level of funds or other financial data is associated. Similarly, many internet based services require users to hold accounts in order to use the service. Examples of such services include social networks and other online communities. Association between two or more user accounts is a desirable feature of many account based systems. In the case of banking systems, a user's account may include a list of payee accounts to which they can more easily transfer funds. In the case of an online community, association between user accounts may enable the transfer of data between the users of the associated accounts, such as communications data or shared data files. In some account based systems, due to the functionality that is provided by associating user accounts, it may be appropriate to provide one user with a level of assurance in the identity of another user before establishing such an association between their user accounts. However, establishing trusted relationships between user accounts can be difficult, especially in systems where there is a requirement not to expose account details to users of other accounts with which no association has yet been established.
Some known account based systems use account identifiers that are not easily recognizable to users of the system. For example, in the context of banking systems, accounts are typically identified to other users on the basis of unique account numbers, or account number and sort code combinations. Such systems expose users to the risk of transposition errors when adding another user to their list of payees, because errors made when entering such an account identifier may not be readily noticeable to the user. Despite some systems employing mechanisms for detecting transposition errors, there remains a risk that such errors may result in failure of payments, or payments being made to unintended recipients, which are clearly undesirable.
Alternative known systems may utilize more generic identifiers, such as user configurable account names. For example, in the context of social networks, a user may have the option of associating a publicly available “display name” with their account. However, in order to allow users to use the display name that they desire, such identifiers are typically not unique within the account based system. Such systems may expose their users to the risk of targeted identity spoofing, whereby an account may be established by a malicious party in order to solicit association requests from users intending to associate with the legitimate user account. In other words, it may be difficult to provide a user with an account identifier for their user account that is easily recognizable by others, and that is unique and genuine. Relationships that are unintentionally established with a spoofed account may lead to the unwanted acquisition of private data, or other valued assets, by the malicious party.
Hence it would be desirable to provide measures for establishing a relationship between user accounts that overcome one or more of these problems.